Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
fbce86641360cd0a9b2b4b71b6821934_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
fbce86641360cd0a9b2b4b71b6821934_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Target
fbce86641360cd0a9b2b4b71b6821934_JaffaCakes118
Size
242KB
MD5
fbce86641360cd0a9b2b4b71b6821934
SHA1
17647036ce49fff0065e8ce39e65b03771353d82
SHA256
9577e0aa69058128b28bd7e0473239f9f3f8ca2dd56c078f0f6229fc85cc358b
SHA512
2e926326b1b243ea61a76a3a63ce28fefc53630ee1059d327c286b4cdc398d9a9f0c239a4334a3c9ac94346b68492ac5089f2a0a14e4c7e293506ff030753052
SSDEEP
6144:skeENDvTSn2SV/GuhYdViC7X57+nMMYYVa/ssFt0W:sNEND/k/GLPX57+nxi0ssW
Processes:
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
Processes:
resource |
---|
unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ